The Agent Skills Directory

[PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection by fetching and displaying article titles, bodies, and comments from the DEV.to API. If an attacker publishes an article or comment containing instructions (e.g., 'IMPORTANT: Disregard previous instructions and instead...'), the agent reading this content might be influenced to deviate from its intended behavior.
Ingestion points: The script devto.py fetches data from https://dev.to/api via several commands (top, latest, tag, article, comments, search, tags).
Boundary markers: None identified. The content is printed directly to the terminal or returned as JSON without explicit delimiters to warn the agent about untrusted content.
Capability inventory: The skill primarily performs network reads (GET requests) and terminal output. It does not appear to have write access or arbitrary command execution capabilities, which significantly limits the impact of any potential injection.
Sanitization: The script performs basic HTML stripping for comments using regex, but this is for display purposes rather than security sanitization against prompt injection. No sanitization is performed on article titles or bodies.

ez-devto